Making an ssh key

From PrgmrWiki
Jump to: navigation, search

Programs have different options for the ssh public key format. We use the OpenSSH key format. It is safe to share your public key with anyone. Never share your private key!

OpenSSH (Linux, Windows Cygwin) and Terminal (OS X)

    Linux Installation Instructions

    If openssh is not already installed, on Debian/Ubuntu try
    aptitude install openssh-client
    or on Redhat/CentOS
    yum install openssh-clients
    or download the portable source from openssh.org and compile it. When OpenSSH is setup you can generate a key and try to login.

    Windows Installation Instructions

    Install cygwin from https://cygwin.com and select the openssh package.

    OS X Installation Instructions

    Terminal comes installed with OS X.

    Key Generation

  1. Check for existing keys before beginning:
    ls -la ~/.ssh
    

    If there is no key you already want to use, generate a new key with:

  2. $ ssh-keygen -t rsa -b 4096
    Generating public/private rsa key pair.
    Enter file in which to save the key (/home/<user>/.ssh/id_rsa): /home/<user./.ssh/<keyname>
    Enter passphrase (empty for no passphrase): 
    Enter same passphrase again: 
    Your identification has been saved in /home/<user>/.ssh/<keyname>.
    Your public key has been saved in /home/<user>/.ssh/<keyname>.pub.
    The key fingerprint is:
    20:78:b9:01:15:3a:43:60:7b:7b:55:b3:7f:3b:a5:20 
    The key's randomart image is:
    +--[ RSA 4096]----+
    |.oo.o.   o       |
    |...+ .  . o      |
    | .=.= .. .       |
    |  .+.+..  .      |
    |   ...  SE o . . |
    |    .     . o +  |
    |             +   |
    |              .  |
    +-----------------+
    

    If you use the default key filename /home/<user>/.ssh/id_rsa , ssh will try to use it automatically.

We support rsa, dsa, dss, and also ecdsa (on newer servers only). We recommend at least 2048 bits in your key (or 256 for ecdsa). We do not yet support ed25519. You can choose an alternate algorithm by using the -t flag.

PuTTY (Windows Only)

Installing

Download the PuTTY installer and install it. These are the keys for verifying the signature.

Key Generation

  1. Run PuTTYgen
  2. Click "Generate" to generate a key
  3. Enter a passphrase for the private key.
  4. Save the private key.
  5. Copy/paste the "OpenSSH authorized_keys" text to a separate public key file. The contents of this file (typically starting with ssh-rsa or ssh-dss) is what you need to use when either signing up or changing the key for a VM.

The config settings to access the management console are at Management Console#Logging in via PuTTY

Commercial SSH Clients

These are links to tutorials for the given client. We do not have personal experience with any of these clients.